Grafana · Grafana Piechart-Panel Plugin · CVE-2020-13429
**Name of the Vulnerable Software and Affected Versions**
Grafana piechart-panel plugin versions prior to 1.5.0
**Description**
The issue allows for XSS via the `Values Header` option, also known as the legend header. This is a security concern as it can lead to malicious script execution.
**Recommendations**
For versions prior to 1.5.0, update to version 1.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the `Values Header` option in the piechart-panel plugin to minimize the risk of exploitation.